// ******************************************************************************** //
// **Creator: Dazzle Licence: Diku Merc Rom Terms ** //
// **Difficulty: 7 Snippet: SHA256 Password Encryption ** //
// **Version: 1.0.0 Stamp: Sept 29 2005 ** //
// ******************************************************************************** //
// ** Contact Information ** //
// **Yahoo: ldevil.geo Msn: ldevil@hotmail.com ** //
// **Aim: pocketweasle Email: sandstorm@patrickcooper.ca ** //
// **Webpage: http://sandstorm.arthmoor.com ** //
// ******************************************************************************** //
// **Terms of Usage: ** //
// **Follow All the Licences listed above, also, if you have a snippet helpfile ** //
// **Put my name in there, if not, leave my name in the source. ** //
// **Also, this code is given AS-IS, straight from my mud, so there will be some ** //
// **Effort required to make this work in your mud. ** //
// **Install at your own risk, if you have any comments or questions on this ** //
// **Visit the website mentioned above, and enter the forum, post and bugs or ** //
// **suggestions there. ** //
// ******************************************************************************** //
A small note on encryption... SHA256 is no better then MD5, it is a one-way encryption
method, now, MD5 uses 128bit encryption, where as SHA256 is well... 256 bit encryption.
But SHA is more well known and easier to decypher, on second hand though, this is just
to make the life of a mud-implementor easier.
Example, the system function crypt is different on some systems, and has varying results
or some systems don't have it all together.
With this system, you will beable to move from one machine to another, without worry
about it not working.
Very simple here, all your calls to crypt must be altered.
this is how you should have your password encryption setup..
if(str_cmp(ch->pcdata->pwd, handle_sha256(argument))
{
// wrong password stuff here.
Also make-sure that when you set-your password, or change it,t hat it looks something
like this.
ch->pcdata->pwd = handle_sha256(arg);
Or whatever it is.. I would give more detailed instructions, but i don't have access to
the rom code at the moment to look over everythin.. But it is pretty basic.
Much like samson's md5 code, this will create a nice, password-block.
now use handle_sha256(argument);
Also, just to make life more fun.. In save.c, where it does something like this..
fprintf("Password %s~\n", ch->pcdata->pwd);
change it to look like this.
fprintf("Password %s\n", ch->pcdata->pwd);
And then down where it is KEY'd or KEYS'd Change it to this.
KEYS("Password", ch->pcdata->pwd, fread_word(fp));
This uses fread_word so that if by some odd chance that ~ is generated into the string (like is possible with md5)
that it will be allowed and not corrupt the pfile, and will not require alteration
***************************************************** sha256.h
#ifndef _SHA_256_H
#define _SHA_256_H
#ifndef uint8
#define uint8 unsigned char
#endif
#ifndef uint32
#define uint32 unsigned long int
#endif
typedef struct
{
uint32 total[2];
uint32 state[8];
uint8 buffer[64];
}
sha256_context;
void sha256_starts( sha256_context *context );
void sha256_update( sha256_context *context, uint8 *input, uint32 length );
void sha256_finish( sha256_context *context, uint8 digest[32] );
#endif /* sha256.h */
***************************************************** sha256.c
/*
* FIPS-180-2 compliant SHA-256 implementation
*
* Based on FIPS-180-2 guide lines.
*/
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#include "sha256.h"
#define INSPECT_UINT32(n,b,i) \
{ \
(n) = ( (uint32) (b)[(i) ] << 24 ) \
| ( (uint32) (b)[(i) + 1] << 16 ) \
| ( (uint32) (b)[(i) + 2] << 8 ) \
| ( (uint32) (b)[(i) + 3] ); \
}
#define SETUP_UINT32(n,b,i) \
{ \
(b)[(i) ] = (uint8) ( (n) >> 24 ); \
(b)[(i) + 1] = (uint8) ( (n) >> 16 ); \
(b)[(i) + 2] = (uint8) ( (n) >> 8 ); \
(b)[(i) + 3] = (uint8) ( (n) ); \
}
// *Start the SHA256 encryption* //
void sha256_starts( sha256_context *context )
{
context->total[0] = 0;
context->total[1] = 0;
context->state[0] = 0x6A09E667;
context->state[1] = 0xBB67AE85;
context->state[2] = 0x3C6EF372;
context->state[3] = 0xA54FF53A;
context->state[4] = 0x510E527F;
context->state[5] = 0x9B05688C;
context->state[6] = 0x1F83D9AB;
context->state[7] = 0x5BE0CD19;
}
// Process
void sha256_process( sha256_context *context, uint8 data[64] )
{
uint32 temp1, temp2, W[64];
uint32 A, B, C, D, E, F, G, H;
INSPECT_UINT32( W[0], data, 0 );
INSPECT_UINT32( W[1], data, 4 );
INSPECT_UINT32( W[2], data, 8 );
INSPECT_UINT32( W[3], data, 12 );
INSPECT_UINT32( W[4], data, 16 );
INSPECT_UINT32( W[5], data, 20 );
INSPECT_UINT32( W[6], data, 24 );
INSPECT_UINT32( W[7], data, 28 );
INSPECT_UINT32( W[8], data, 32 );
INSPECT_UINT32( W[9], data, 36 );
INSPECT_UINT32( W[10], data, 40 );
INSPECT_UINT32( W[11], data, 44 );
INSPECT_UINT32( W[12], data, 48 );
INSPECT_UINT32( W[13], data, 52 );
INSPECT_UINT32( W[14], data, 56 );
INSPECT_UINT32( W[15], data, 60 );
#define SHR(x,n) ((x & 0xFFFFFFFF) >> n)
#define ROTR(x,n) (SHR(x,n) | (x << (32 - n)))
#define S0(x) (ROTR(x, 7) ^ ROTR(x,18) ^ SHR(x, 3))
#define S1(x) (ROTR(x,17) ^ ROTR(x,19) ^ SHR(x,10))
#define S2(x) (ROTR(x, 2) ^ ROTR(x,13) ^ ROTR(x,22))
#define S3(x) (ROTR(x, 6) ^ ROTR(x,11) ^ ROTR(x,25))
#define F0(x,y,z) ((x & y) | (z & (x | y)))
#define F1(x,y,z) (z ^ (x & (y ^ z)))
#define R(t) \
( \
W[t] = S1(W[t - 2]) + W[t - 7] + \
S0(W[t - 15]) + W[t - 16] \
)
#define P(a,b,c,d,e,f,g,h,x,K) \
{ \
temp1 = h + S3(e) + F1(e,f,g) + K + x; \
temp2 = S2(a) + F0(a,b,c); \
d += temp1; h = temp1 + temp2; \
}
A = context->state[0];
B = context->state[1];
C = context->state[2];
D = context->state[3];
E = context->state[4];
F = context->state[5];
G = context->state[6];
H = context->state[7];
P( A, B, C, D, E, F, G, H, W[ 0], 0x428A2F98 );
P( H, A, B, C, D, E, F, G, W[ 1], 0x71374491 );
P( G, H, A, B, C, D, E, F, W[ 2], 0xB5C0FBCF );
P( F, G, H, A, B, C, D, E, W[ 3], 0xE9B5DBA5 );
P( E, F, G, H, A, B, C, D, W[ 4], 0x3956C25B );
P( D, E, F, G, H, A, B, C, W[ 5], 0x59F111F1 );
P( C, D, E, F, G, H, A, B, W[ 6], 0x923F82A4 );
P( B, C, D, E, F, G, H, A, W[ 7], 0xAB1C5ED5 );
P( A, B, C, D, E, F, G, H, W[ 8], 0xD807AA98 );
P( H, A, B, C, D, E, F, G, W[ 9], 0x12835B01 );
P( G, H, A, B, C, D, E, F, W[10], 0x243185BE );
P( F, G, H, A, B, C, D, E, W[11], 0x550C7DC3 );
P( E, F, G, H, A, B, C, D, W[12], 0x72BE5D74 );
P( D, E, F, G, H, A, B, C, W[13], 0x80DEB1FE );
P( C, D, E, F, G, H, A, B, W[14], 0x9BDC06A7 );
P( B, C, D, E, F, G, H, A, W[15], 0xC19BF174 );
P( A, B, C, D, E, F, G, H, R(16), 0xE49B69C1 );
P( H, A, B, C, D, E, F, G, R(17), 0xEFBE4786 );
P( G, H, A, B, C, D, E, F, R(18), 0x0FC19DC6 );
P( F, G, H, A, B, C, D, E, R(19), 0x240CA1CC );
P( E, F, G, H, A, B, C, D, R(20), 0x2DE92C6F );
P( D, E, F, G, H, A, B, C, R(21), 0x4A7484AA );
P( C, D, E, F, G, H, A, B, R(22), 0x5CB0A9DC );
P( B, C, D, E, F, G, H, A, R(23), 0x76F988DA );
P( A, B, C, D, E, F, G, H, R(24), 0x983E5152 );
P( H, A, B, C, D, E, F, G, R(25), 0xA831C66D );
P( G, H, A, B, C, D, E, F, R(26), 0xB00327C8 );
P( F, G, H, A, B, C, D, E, R(27), 0xBF597FC7 );
P( E, F, G, H, A, B, C, D, R(28), 0xC6E00BF3 );
P( D, E, F, G, H, A, B, C, R(29), 0xD5A79147 );
P( C, D, E, F, G, H, A, B, R(30), 0x06CA6351 );
P( B, C, D, E, F, G, H, A, R(31), 0x14292967 );
P( A, B, C, D, E, F, G, H, R(32), 0x27B70A85 );
P( H, A, B, C, D, E, F, G, R(33), 0x2E1B2138 );
P( G, H, A, B, C, D, E, F, R(34), 0x4D2C6DFC );
P( F, G, H, A, B, C, D, E, R(35), 0x53380D13 );
P( E, F, G, H, A, B, C, D, R(36), 0x650A7354 );
P( D, E, F, G, H, A, B, C, R(37), 0x766A0ABB );
P( C, D, E, F, G, H, A, B, R(38), 0x81C2C92E );
P( B, C, D, E, F, G, H, A, R(39), 0x92722C85 );
P( A, B, C, D, E, F, G, H, R(40), 0xA2BFE8A1 );
P( H, A, B, C, D, E, F, G, R(41), 0xA81A664B );
P( G, H, A, B, C, D, E, F, R(42), 0xC24B8B70 );
P( F, G, H, A, B, C, D, E, R(43), 0xC76C51A3 );
P( E, F, G, H, A, B, C, D, R(44), 0xD192E819 );
P( D, E, F, G, H, A, B, C, R(45), 0xD6990624 );
P( C, D, E, F, G, H, A, B, R(46), 0xF40E3585 );
P( B, C, D, E, F, G, H, A, R(47), 0x106AA070 );
P( A, B, C, D, E, F, G, H, R(48), 0x19A4C116 );
P( H, A, B, C, D, E, F, G, R(49), 0x1E376C08 );
P( G, H, A, B, C, D, E, F, R(50), 0x2748774C );
P( F, G, H, A, B, C, D, E, R(51), 0x34B0BCB5 );
P( E, F, G, H, A, B, C, D, R(52), 0x391C0CB3 );
P( D, E, F, G, H, A, B, C, R(53), 0x4ED8AA4A );
P( C, D, E, F, G, H, A, B, R(54), 0x5B9CCA4F );
P( B, C, D, E, F, G, H, A, R(55), 0x682E6FF3 );
P( A, B, C, D, E, F, G, H, R(56), 0x748F82EE );
P( H, A, B, C, D, E, F, G, R(57), 0x78A5636F );
P( G, H, A, B, C, D, E, F, R(58), 0x84C87814 );
P( F, G, H, A, B, C, D, E, R(59), 0x8CC70208 );
P( E, F, G, H, A, B, C, D, R(60), 0x90BEFFFA );
P( D, E, F, G, H, A, B, C, R(61), 0xA4506CEB );
P( C, D, E, F, G, H, A, B, R(62), 0xBEF9A3F7 );
P( B, C, D, E, F, G, H, A, R(63), 0xC67178F2 );
context->state[0] += A;
context->state[1] += B;
context->state[2] += C;
context->state[3] += D;
context->state[4] += E;
context->state[5] += F;
context->state[6] += G;
context->state[7] += H;
}
// Are we confused yet?
void sha256_update( sha256_context *context, uint8 *input, uint32 length )
{
uint32 left, fill;
if( ! length ) return;
left = context->total[0] & 0x3F;
fill = 64 - left;
context->total[0] += length;
context->total[0] &= 0xFFFFFFFF;
if( context->total[0] < length )
context->total[1]++;
if( left && length >= fill )
{
memcpy( (void *) (context->buffer + left),
(void *) input, fill );
sha256_process( context, context->buffer );
length -= fill;
input += fill;
left = 0;
}
while( length >= 64 )
{
sha256_process( context, input );
length -= 64;
input += 64;
}
if( length )
{
memcpy( (void *) (context->buffer + left),
(void *) input, length );
}
}
// Yuppers... Confused.
static uint8 sha256_padding[64] =
{
0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
};
// Can i expect this to work?
void sha256_finish( sha256_context *context, uint8 digest[32] )
{
uint32 last, padn;
uint32 high, low;
uint8 msglen[8];
high = ( context->total[0] >> 29 )
| ( context->total[1] << 3 );
low = ( context->total[0] << 3 );
SETUP_UINT32( high, msglen, 0 );
SETUP_UINT32( low, msglen, 4 );
last = context->total[0] & 0x3F;
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
sha256_update( context, sha256_padding, padn );
sha256_update( context, msglen, 8 );
SETUP_UINT32( context->state[0], digest, 0 );
SETUP_UINT32( context->state[1], digest, 4 );
SETUP_UINT32( context->state[2], digest, 8 );
SETUP_UINT32( context->state[3], digest, 12 );
SETUP_UINT32( context->state[4], digest, 16 );
SETUP_UINT32( context->state[5], digest, 20 );
SETUP_UINT32( context->state[6], digest, 24 );
SETUP_UINT32( context->state[7], digest, 28 );
}
// *Uh oh! spagetti-oh!* //
char * handle_sha256( char *argv )
{
FILE *f;
int i, j;
char output[65];
sha256_context context;
unsigned char buf[1000];
unsigned char sha256sum[32];
sha256_starts( &context );
sha256_update( &context, (uint8 *) argv, argv );
sha256_finish( &context, sha256sum );
for( j = 0; j < 32; j++ )
{
snprintf( output + j * 2, 65, "%02x", sha256sum[j] );
}
return( output );
}